sirosen/scrape-acls.sh

## scrape-acls.sh
#!/bin/bash

# substitute your own Endpoint ID here
EP_ID="SET ME"


# use text output, and scrape the header off with tail
# grep -v "^NULL" removes rules with no ID -- these are cases where a
# permission is granted via a role (e.g. administrator), not an ACL rule we
# could recreate
real_acls="$(globus endpoint permission list "$EP_ID" | tail -n+3 | grep -v '^NULL')"

# use `echo | while read` to loop through lines of output
echo "$real_acls" | while read -r line; do
  # parse a line by echoing it repeatedly into
  #   - cut to split on "|"
  #   - 'tr -d' to remove leading/trailing spaces
  perms="$(echo "$line" | cut -d '|' -f2 | tr -d ' ')"
  username_or_group="$(echo "$line" | cut -d '|' -f3 | tr -d ' ')"
  # don't remove space aggressively on path because it can contain spaces
  # I'll use sed to do regex replacement on the beginning and end of the string
  # (your version of sed might allow `\s`, but `[[:space:]]` is BSD-compatible,
  #  in case that matters)
  path="$(echo "$line" | cut -d '|' -f4 |
      sed -e 's/[[:space:]]*$//g' -e 's/^[[:space:]]*//g')"

  # username_or_group could be a username or a group ID
  # use case to match on "@" being in the string, and use that for detection
  is_username=0
  case "$username_or_group" in
      *@*)
        is_username=1
        ;;
  esac

  # for now, echo results
  echo "PERMISSIONS: $perms"
  echo "PATH: $path"
  if [ $is_username -eq 1 ]; then
    echo "USERNAME: $username_or_group"
  else
    echo "GROUP_ID: $username_or_group"
  fi
done
	#!/bin/bash

	# substitute your own Endpoint ID here
	EP_ID="SET ME"


	# use text output, and scrape the header off with tail
	# grep -v "^NULL" removes rules with no ID -- these are cases where a
	# permission is granted via a role (e.g. administrator), not an ACL rule we
	# could recreate
	real_acls="$(globus endpoint permission list "$EP_ID" \| tail -n+3 \| grep -v '^NULL')"

	# use `echo \| while read` to loop through lines of output
	echo "$real_acls" \| while read -r line; do
	# parse a line by echoing it repeatedly into
	# - cut to split on "\|"
	# - 'tr -d' to remove leading/trailing spaces
	perms="$(echo "$line" \| cut -d '\|' -f2 \| tr -d ' ')"
	username_or_group="$(echo "$line" \| cut -d '\|' -f3 \| tr -d ' ')"
	# don't remove space aggressively on path because it can contain spaces
	# I'll use sed to do regex replacement on the beginning and end of the string
	# (your version of sed might allow `\s`, but `[[:space:]]` is BSD-compatible,
	# in case that matters)
	path="$(echo "$line" \| cut -d '\|' -f4 \|
	sed -e 's/[[:space:]]$//g' -e 's/^[[:space:]]//g')"

	# username_or_group could be a username or a group ID
	# use case to match on "@" being in the string, and use that for detection
	is_username=0
	case "$username_or_group" in
	@)
	is_username=1
	;;
	esac

	# for now, echo results
	echo "PERMISSIONS: $perms"
	echo "PATH: $path"
	if [ $is_username -eq 1 ]; then
	echo "USERNAME: $username_or_group"
	else
	echo "GROUP_ID: $username_or_group"
	fi
	done